Re: NT Authority System forces XP shutdown after svchost error
From: Bruce Chambers (bchambers_at_nospamcableone.net)
Date: 12/07/03
- Next message: Bill: "Re: Printer Sharing With XP Firewall Enabled"
- Previous message: Marc: "reseting admin pass"
- In reply to: Alvaro de la Ossa: "NT Authority System forces XP shutdown after svchost error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 6 Dec 2003 19:43:34 -0700
Greetings --
If you connected the PC to the Internet without having first
installed the KB824146 Hotfix, without having first installed an
antivirus application with current virus definition files, and before
enabling a firewall, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms. It only takes a few seconds of
exposure.
To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.
Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146
What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp
W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html
W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html
McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger
Bruce Chambers
-- Help us help you: http://dts-l.org/goodpost.htm http://www.catb.org/~esr/faqs/smart-questions.html You can have peace. Or you can have freedom. Don't ever count on having both at once. -- RAH "Alvaro de la Ossa" <anonymous@discussions.microsoft.com> wrote in message news:016d01c3bc39$1c3b6c40$a401280a@phx.gbl... > I have a desktop with NT Professional 2002. I just got a > dial-up service at home. When connecting to the service, > after a while (sometimes short, sometimes long) the > system stops responding, and an error message appears: > > Generic Host Process for Win32 services > FZAppName: svchost.exe > szAppVer: 5.1.2600.0 > > After that, another message says in Spanish (I have the > spanish version of XP Pro) something like "The system is > shutting down. Save all your work and close the session. > Any unsaved work will be lost. Shutdown has been > initiated by the NT Authority System." > > Then a countdown of 1:00 min shows up and the system > shuts down when it reaches 0:00. The system does not > respond to the mouse or keyboard, and won't allow me to > save my unsaved work. > > After that, the message "the RPC connection finished > unexpectedly", which I assume refers to the dial-up > connection. > > I have searched microsoft's technical support > documentation including their knowledge base and technet, > but can't find anything that will lead me to a > resolution. I have also checked for device/driver > conflicts and nothing seems to be wrong there. > > Any ideas or hints on where to look for help on this? I > will appreciate any hint! > > Thanks!
- Next message: Bill: "Re: Printer Sharing With XP Firewall Enabled"
- Previous message: Marc: "reseting admin pass"
- In reply to: Alvaro de la Ossa: "NT Authority System forces XP shutdown after svchost error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
